设置与LDAP和C#的Active Directory帐户过期 [英] Setting Active Directory Account Expiration with LDAP and C#
问题描述
我想设置一个新的用户帐户在90天内从创建时到期。这是我的code创建用户并设置一切。一切正常,除了在这里我试图将其设置为过期的最后一块。
I am wanting to set a new users account to expire in 90 days from when it is created. Here is my code to create the user and set everything up. Everything works except for the last block where i am trying to set it to expire.
DirectoryEntry newUser = dirEntry.Children.Add("CN=" + cnUser, "user");
newUser.Properties["samAccountName"].Value = cnUser;
newUser.Properties["userPrincipalName"].Value = cnUser;
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Changes Password
String passwrd = userPassword.ToString();
newUser.Invoke("SetPassword", new object[] { passwrd });
newUser.CommitChanges();
//Sets User Account to Change Passowrd on new login
newUser.Properties["pwdLastSet"].Value = 0;
newUser.CommitChanges();
//Enables account
newUser.Properties["userAccountControl"].Value = (int)newUser.Properties["userAccountControl"].Value & ~0x2;
newUser.CommitChanges();
//Set the account to expire in 90 days
var dt1 = DateTime.Today.AddDays(90);
newUser.Properties["accountExpires"].Value = dt1.ToFileTime().ToString();
newUser.CommitChanges();
在如何让自己的工作?任何建议
Any Suggestions on how to get his working?
感谢
推荐答案
见的文档有关这一领域。你需要将其转换成蜱 -
See The Documentation about this field. You'll need to convert that to "ticks" --
the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires.
新的日期时间(DateTime.Now.AddDays(90).Ticks - 新的日期时间(1601,1,1).Ticks)。将让你正确的值
您可以通过从上述前pression得到的值并执行检查你的工作(手动):
You can check your work (manually) by getting the value from the above expression and executing:
w32tm.exe /ntte 130149277684873234
上面的命令对我来说结果是
The results of the above command for me was
150635 17:42:48.4873234 - 6/5/2013 12:42:48 PM
这篇关于设置与LDAP和C#的Active Directory帐户过期的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
